Vulnerabilities > Linux > Linux Kernel > 2.6.16.13

DATE CVE VULNERABILITY TITLE RISK
2017-10-17 CVE-2017-15537 Information Exposure vulnerability in Linux Kernel
The x86/fpu (Floating Point Unit) subsystem in the Linux kernel before 4.13.5, when a processor supports the xsave feature but not the xsaves feature, does not correctly handle attempts to set reserved bits in the xstate header via the ptrace() or rt_sigreturn() system call, allowing local users to read the FPU registers of other processes on the system, related to arch/x86/kernel/fpu/regset.c and arch/x86/kernel/fpu/signal.c.
local
low complexity
linux CWE-200
2.1
2017-10-16 CVE-2017-15265 Use After Free vulnerability in Linux Kernel
Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c.
local
high complexity
linux CWE-416
7.0
2017-10-14 CVE-2017-15299 NULL Pointer Dereference vulnerability in Linux Kernel
The KEYS subsystem in the Linux kernel through 4.13.7 mishandles use of add_key for a key that already exists but is uninstantiated, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted system call.
local
low complexity
linux CWE-476
5.5
2017-10-12 CVE-2017-15274 NULL Pointer Dereference vulnerability in Linux Kernel
security/keys/keyctl.c in the Linux kernel before 4.11.5 does not consider the case of a NULL payload in conjunction with a nonzero length value, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system call, a different vulnerability than CVE-2017-12192.
local
low complexity
linux CWE-476
4.9
2017-10-12 CVE-2017-12192 NULL Pointer Dereference vulnerability in Linux Kernel
The keyctl_read_key function in security/keys/keyctl.c in the Key Management subcomponent in the Linux kernel before 4.13.5 does not properly consider that a key may be possessed but negatively instantiated, which allows local users to cause a denial of service (OOPS and system crash) via a crafted KEYCTL_READ operation.
local
low complexity
linux CWE-476
5.5
2017-10-05 CVE-2017-1000112 Race Condition vulnerability in Linux Kernel
Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch.
local
high complexity
linux CWE-362
7.0
2017-10-04 CVE-2017-14991 Information Exposure vulnerability in Linux Kernel
The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel before 4.13.4 allows local users to obtain sensitive information from uninitialized kernel heap-memory locations via an SG_GET_REQUEST_TABLE ioctl call for /dev/sg0.
local
low complexity
linux CWE-200
2.1
2017-10-02 CVE-2017-14954 Information Exposure vulnerability in Linux Kernel
The waitid implementation in kernel/exit.c in the Linux kernel through 4.13.4 accesses rusage data structures in unintended cases, which allows local users to obtain sensitive information, and bypass the KASLR protection mechanism, via a crafted system call.
local
low complexity
linux CWE-200
2.1
2017-09-26 CVE-2017-12154 Unspecified vulnerability in Linux Kernel
The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel through 4.13.3 does not ensure that the "CR8-load exiting" and "CR8-store exiting" L0 vmcs02 controls exist in cases where L1 omits the "use TPR shadow" vmcs12 control, which allows KVM L2 guest OS users to obtain read and write access to the hardware CR8 register.
local
low complexity
linux
7.1
2017-09-26 CVE-2017-1000252 Reachable Assertion vulnerability in Linux Kernel
The KVM subsystem in the Linux kernel through 4.13.3 allows guest OS users to cause a denial of service (assertion failure, and hypervisor hang or crash) via an out-of bounds guest_irq value, related to arch/x86/kvm/vmx.c and virt/kvm/eventfd.c.
local
low complexity
linux CWE-617
2.1